aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorMattias Andrée <maandree@operamail.com>2013-11-22 11:03:34 +0100
committerMattias Andrée <maandree@operamail.com>2013-11-22 11:03:34 +0100
commit2b7dd9295829f479feb26b2462fb83a4c6ca30a6 (patch)
tree87caa2e80efab060a107fdea3b1b4e17d1ce7d5d /src
parentadd option to print * for each char (diff)
downloadlibpassphrase-2b7dd9295829f479feb26b2462fb83a4c6ca30a6.tar.gz
libpassphrase-2b7dd9295829f479feb26b2462fb83a4c6ca30a6.tar.bz2
libpassphrase-2b7dd9295829f479feb26b2462fb83a4c6ca30a6.tar.xz
do not use realloc by default, it is bad security
Signed-off-by: Mattias Andrée <maandree@operamail.com>
Diffstat (limited to 'src')
-rw-r--r--src/passphrase.c23
1 files changed, 21 insertions, 2 deletions
diff --git a/src/passphrase.c b/src/passphrase.c
index 94922e4..ae7ad36 100644
--- a/src/passphrase.c
+++ b/src/passphrase.c
@@ -78,8 +78,27 @@ char* passphrase_read(void)
#endif
*(rc + len++) = c;
if (len == size)
- if ((rc = realloc(rc, (size <<= 1L) * sizeof(char))) == NULL)
- return NULL;
+ {
+#ifndef PASSPHRASE_REALLOC
+ char* rc_2 = malloc((size <<= 1L) * sizeof(char));
+ int i;
+ if (rc_2)
+ {
+ for (i = 0; i < len; i++)
+ *(rc_2 + i) = *(rc + i);
+ }
+ for (i = 0; i < len; i++)
+ *(rc + i) = 0;
+ free(rc);
+ if (rc_2 == NULL)
+ return rc_2;
+ rc = rc_2;
+#else
+ rc = realloc(rc, (size <<= 1L) * sizeof(char));
+ if (rc == NULL)
+ return NULL;
+#endif
+ }
}
}